|
Insider Computer Fraud: An In-depth Framework for Detecting and Defending against Insider IT Attacks | 
| Author: Kenneth Brancik
Publisher: Auerbach Publications
Category: Book
List Price: $83.95
Buy New: $61.00
You Save: $22.95 (27%)
New (21) Used (2) from $61.00
Avg. Customer Rating:  7 reviews
Sales Rank: 564284
Media: Hardcover
Edition: 1
Number Of Items: 1
Pages: 504
Shipping Weight (lbs): 2.2
Dimensions (in): 9.4 x 6.4 x 1.2
ISBN: 1420046594
Dewey Decimal Number: 005.8
EAN: 9781420046595
ASIN: 1420046594
Publication Date: December 6, 2007
Availability: Usually ships in 1-2 business days
|
| Editorial Reviews:
Product Description
An organization#x2019;s employees are often more intimate with its computer system than anyone else. Many also have access to sensitive information regarding the company and its customers. This makes employees prime candidates for sabotaging a system if they become disgruntled or for selling privileged information if they become greedy. bInsider Computer Fraud: An In-depth Framework for Detecting and Defending against Insider IT Attacks/b presents the methods, safeguards, and techniques that help protect an organization from insider computer fraud. pDrawing from the author#x2019;s vast experience assessing the adequacy of IT security for the banking and securities industries, the book presents a practical framework for identifying, measuring, monitoring, and controlling the risks associated with insider threats. It not only provides an analysis of application or system-related risks, it demonstrates the interrelationships that exist between an application and the IT infrastructure components it uses to transmit, process, and store sensitive data. The author also examines the symbiotic relationship between the risks, controls, threats, and action plans that should be deployed to enhance the overall information security governance processes. pIncreasing the awareness and understanding necessary to effectively manage the risks and controls associated with an insider threat, this book is an invaluable resource for those interested in attaining sound and best practices over the risk management process.
|
| Customer Reviews: Read 2 more reviews...
Very good cover of the issue October 23, 2008
Just started and finished (3 days in a row :)) this excellent book on insider fraud - it is one of my best buying decisions. br / br /I was impressed with the framework and found the loan example very clear. Altough the issue of insider fraud is considered a high risk there are not many good academic resources to help so not only the book is enjoyable to read it is very usefull to technical and business people interested in the subject.br /br /Very good work br /
Inside the Insider Threat February 3, 2008
Brancik covers computer fraud from every angle imaginable. It's precise, thorough and methodical. The index is detailed and specific in getting the exact information you need quickly. This book can be used as a reference for looking to tighten security and also as a textbook in the classroom. I specifically liked Chapter 6 that covered web services, which is the most widely missed security flaw in companies today. br /br /Brancik put together a fraud taxonomy that also can be used by professionals to measure how secure they are. This goes beyond most classroom lectures because this is the kind of information you need in real life work scenarios. What I liked mostly about this book was that the chapters flow into one another and while it covered a wide range of topics it did not feel like I was reading just another computer textbook. The book covers security and audit like no other book on the market and I have read most of them being in the banking sector for a number of years. I recommend this book highly.br /
Outstanding Reference Including Action Plans, for Today and the Future January 29, 2008
2 out of 2 found this review helpful
Ken Brancik has written a tour de force compendium about insider computer fraud. His years of practical experience shine through in this very practical book for anybody who needs to act in the defense of real systems. Brancik's own experience is combined with exhaustive references to case studies, legislation, and research. br /br /The reader will enjoy a thorough presentation of the domain theory, combined with very detailed explanation of technical methods. For example, Brancik provides a rich taxonomy, which will be of huge value to any practitioner looking to divide and conquer such problems. Moreover, this taxonomy is only one of the elements in "an in-depth framework for detecting and defending against insider IT attacks". The book's content is true to the claim of its title.br /br /Beyond what can be done and needs to be done as the first steps to thwart such attacks, Brancik also points the way to the future. Statistical models of anomaly, for example, have had a small place in computer security when compared to rule-based pattern detectors. Both approaches are needed, and this book describes neural networks -- associative memories in particular -- as a way toward more powerful hybrid systems of the future.br /br /"Insider Computer Fraud" would make a great textbook for the student, an invaluable cookbook for the practitioner, and a provocative guide to the researcher. It is also a must-have reference for anybody in the field of computer fraud more generally.
A must read for the financial services as recent events show... January 27, 2008
1 out of 1 found this review helpful
br /"Insider Computer Fraud" is a thorough and and extremely well done coverage of a complex topic which has important implications for people and the companies they work in. We often focus on external threats but as recent event show insider threat is as critical and can impact whole industries over night. Brancik's coverage of Novelty Neural Networks and their use to detecting insider fraud is an important contribution. Anyone in the financial services industry that has a role in protecting against computer fraud should read this book. br /br /
Highly recommend - well written and must read January 17, 2008
2 out of 2 found this review helpful
I really enjoyed reading this book. It provides a comprehensive framework for understanding insider threats and Risk management.br /br /The author integrates a lot of components like Risk Assessment, Threat Modeling, Privacy assessment, Cyber security, Application security, Web services and Computer architecture as it relates to insider threat identification and prevention. If you deal with any of these components - you must read this book. You will learn so much - all in one place. br /br /This book is logically arranged; the author does an excellent job building from one topic to another. It is an eye-opening and fascinating book as it presents the methods, safeguards, and techniques that help protect an organization from insider computer fraud.br /br /I really liked Chapter 3 which covered Risk Assessment very well. It walks the reader with a step by step risk assessment methodology, which is very critical in any environment. br /br /As a IT Security professional this book has become an invaluable resource for me. br /br /Bottom line: Must read and well worth the price.
|
|
|
| |